stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

Platform: add script variables API and scope/policy updates

Browse Source 
Add CRUD endpoints for script variables with validation and diff-compatible
models (ScriptEndpoints, ScriptApiModels, IScriptService, InMemoryScriptService).
Update PlatformScopes and PlatformPolicies for script.read/write permissions.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
master
2026-03-27 12:28:17 +02:00
parent c58a236d70
commit 7abdb5334d
8 changed files with 1720 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

172
docs/implplan/SPRINT_20260324_001_Platform_scripts_variables_validation_diff_compat.md Normal file
View File

@@ -0,0 +1,172 @@
# Sprint 20260324_001 — Scripts Library Enhancement: Variables, Validation, Diff, Compatibility
## Topic & Scope
- Add per-target variable/secret declarations to scripts, with editable UI and Monaco completions.
- Enhance Compile/Validate with real lint checks (safety, variable refs, structure) and Monaco diagnostic markers.
- Add version diff viewer using Monaco diff editor for side-by-side version comparison.
- Add deployment compatibility checker (language-target matrix, variable resolution, secret availability).
- Working directory: `src/Platform/StellaOps.Platform.WebService/`, `src/Web/StellaOps.Web/src/app/`.
- Expected evidence: backend build success, frontend build success, e2e tests pass (T10.1T10.6).
## Dependencies & Concurrency
- No upstream sprint dependencies.
- All 5 phases implemented in a single batch (Phase 1 models first, Phases 2-5 in parallel).
## Documentation Prerequisites
- None — self-contained feature enhancement.
## Delivery Tracker
### TASK-001 - Phase 1: Models & Contracts
Status: DONE
Dependency: none
Owners: Developer
Task description:
- Add `ScriptVariableDeclaration`, `ScriptVersionDetailDto`, `CheckCompatibilityRequest`, `CompatibilityResultDto`, `CompatibilityIssue` records to backend contracts.
- Add `Variables` field to `ScriptDetail`, `ScriptSummary`, `CreateScriptApiRequest`, `UpdateScriptApiRequest`.
- Add `DeclaredVariables` to `ValidateScriptApiRequest`, `Category` to `ScriptDiagnosticDto`.
- Add corresponding TypeScript interfaces to frontend models.
- Extend `IScriptService` with `GetVersionContentAsync` and `CheckCompatibilityAsync`.
- Extend `ScriptsApi` interface with `getVersionContent`, `checkCompatibility`, and `declaredVariables` param.
Completion criteria:
- [x] All backend DTOs compile
- [x] All frontend interfaces defined
- [x] Service interface extended
### TASK-002 - Phase 2: Per-Target Variables & Secrets
Status: DONE
Dependency: TASK-001
Owners: Developer
Task description:
- Propagate variables through create/update in `InMemoryScriptService`.
- Add sample variables to seed scripts (SERVICE_URL, TIMEOUT, DB_CONNECTION, IMAGE_REF, etc.).
- Add variables editor UI in script-detail with add/remove/edit rows.
- Show user variables in script editor context panel with click-to-insert.
- Register user variable completions alongside system vars in Monaco.
Completion criteria:
- [x] Variables persisted through create/update cycle
- [x] Mock scripts include sample variables
- [x] Variables editor renders and modifies signal state
- [x] Context panel shows user variables
- [x] Monaco autocomplete includes user variables on `$` trigger
### TASK-003 - Phase 3: Enhanced Compile/Validate
Status: DONE
Dependency: TASK-001
Owners: Developer
Task description:
- Variable reference validation: scan for `${STELLA_*}`, `$env:STELLA_*`, `Environment.GetEnvironmentVariable("STELLA_*")`.
- Bash: warn if missing `set -euo pipefail`; error on `rm -rf /`.
- C#: warn on empty catch blocks.
- General: hardcoded IPs, TODO/FIXME, >500 lines.
- Improved brace matching with line numbers.
- Frontend: pass declared variables to validate, set Monaco diagnostic markers.
Completion criteria:
- [x] Backend validation returns categorized diagnostics
- [x] Frontend mock validates bash variable refs and safety
- [x] Monaco editor shows squiggly underlines from diagnostics
- [x] Markers cleared on content change
### TASK-004 - Phase 4: Script Version Diff Viewer
Status: DONE
Dependency: TASK-001
Owners: Developer
Task description:
- Store version content in `TenantState.VersionContents` on create/update.
- Implement `GetVersionContentAsync` and GET endpoint.
- Create `ScriptDiffComponent` with Monaco diff editor.
- Add route `:scriptId/diff` and "Compare" links in version history.
Completion criteria:
- [x] Version content stored per version number
- [x] GET endpoint returns version content
- [x] Diff component loads both versions and renders Monaco diff editor
- [x] Compare links navigate with correct query params
### TASK-005 - Phase 5: Deployment Compatibility Check
Status: DONE
Dependency: TASK-001
Owners: Developer
Task description:
- Language-target matrix (bash/ECS warn, PowerShell/Linux warn).
- Variable resolution against target metadata, secret availability check.
- Runtime notes for ECS and Nomad targets.
- POST endpoint for compatibility check.
- Compatibility panel in script-detail with target type dropdown and results.
Completion criteria:
- [x] Backend returns categorized compatibility issues
- [x] POST endpoint wired
- [x] UI panel toggles, sends request, displays results
- [x] Mock client implements same matrix logic
### TASK-006 - Version restore (edit older version)
Status: DONE
Dependency: TASK-004
Owners: Developer
Task description:
- Add "Edit" button on each non-current version in version history.
- Load older version content into Monaco editor via `getVersionContent()` API.
- Show warning banner when editing an old version.
- Show confirmation modal on save — "this will create a new latest version".
- Add `setContent()` method to ScriptEditorComponent.
Completion criteria:
- [x] Edit button loads older version content into editor
- [x] Warning banner visible with "Back to latest" dismiss
- [x] Modal blocks save until confirmed
- [x] After save, editingVersion resets and version list refreshes
### TASK-007 - Input field styling (Stella Ops design system)
Status: DONE
Dependency: none
Owners: Developer
Task description:
- Match all form inputs to global search style: warm `surface-tertiary` background, same border/text/height/transition.
- Fix `box-sizing: border-box` overlap bug (inputs on same row overlapping by ~10px).
- Increase grid gaps between side-by-side fields (0.5rem → 1rem).
- Document the input field convention in `src/Web/StellaOps.Web/AGENTS.md`.
Completion criteria:
- [x] All inputs use surface-tertiary background, border-primary, 34px height, 0.12s transitions
- [x] box-sizing: border-box on all inputs — no overlap
- [x] Grid gaps 1rem between fields
- [x] AGENTS.md updated with Input Field Convention section
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2026-03-24 | Sprint created. All 5 phases implemented. Backend + frontend build clean. | Developer |
| 2026-03-24 | Docker images rebuilt (platform + console). Stack restarted. | Developer |
| 2026-03-24 | E2E tests T10.1T10.6 pass (7/7 including setup). | Developer |
| 2026-03-24 | TASK-006: Version restore with warning modal implemented. | Developer |
| 2026-03-24 | TASK-007: Input field styling fixed — warm bg, border-box, spacing. AGENTS.md updated with Input Field Convention. | Developer |
## Decisions & Risks
- All script storage is in-memory (`InMemoryScriptService`). No database migration required for this sprint.
- PowerShell not in `ScriptLanguageDto` enum — PowerShell-specific backend validation omitted but variable reference scanning includes `$env:STELLA_*` patterns.
- Version content storage is append-only within `TenantState`; no cleanup on version limit.
- Input overlap root cause: `box-sizing: content-box` (browser default) + `padding: 0 0.75rem` + `border: 1px` caused inputs to extend ~26px beyond their grid cell. Fix: `box-sizing: border-box` on all inputs.
## Next Checkpoints
- Integration with real `ScriptService` backed by PostgreSQL (future sprint).
- E2E tests for new features (variables editor, diff viewer, compatibility panel) — not yet covered by existing T10 suite.
## Files Modified
| File | Changes |
|------|---------|
| `src/Platform/.../Contracts/ScriptApiModels.cs` | +6 new DTOs/records, Variables on Detail/Summary/Requests |
| `src/Platform/.../Services/IScriptService.cs` | +2 methods |
| `src/Platform/.../Services/InMemoryScriptService.cs` | Variables storage, enhanced validation, version content, compatibility |
| `src/Platform/.../Endpoints/ScriptEndpoints.cs` | +2 endpoints (version content, compatibility) |
| `src/Web/.../core/api/scripts.models.ts` | +5 interfaces |
| `src/Web/.../core/api/scripts.client.ts` | +3 API methods, mock expansions, variables on scripts |
| `src/Web/.../features/scripts/script-detail.component.ts` | Variables editor, enhanced compile, compare links, compatibility panel |
| `src/Web/.../features/scripts/script-diff.component.ts` | **New** — Monaco diff viewer |
| `src/Web/.../features/scripts/scripts.routes.ts` | +1 route (diff) |
| `src/Web/.../shared/components/script-editor/script-editor.component.ts` | User variables input, diagnostic markers |
| `src/Web/.../shared/components/script-editor/script-context.ts` | User variables in completions |